Strategic infrastructure is becoming an increasingly attractive target for hackers, as shown by the US pipeline hit by a cyber attack. The news, broken a few hours ago by major outlets such as Reuters, speaks of a ransomware attack on the control systems of the pipeline managed by the company Colonial Pipeline.
The line supplies various areas of the United States and is therefore of extreme importance for the country. It connects the Gulf Coast and its refineries with the southern and eastern areas, transporting diesel oil every day. For this reason, the situation is being closely monitored by the relevant departments, because it could become even more delicate given the pipeline's central place in the nation's strategic interests.
The cyber attack on the US pipeline
It is not uncommon for strategic infrastructure such as pipelines, hospitals or public administrations to be targeted by hacker groups around the world. In recent years, attacks against targets that are important to countries have increased exponentially, from Stuxnet, which caused extensive damage to Iranian nuclear power plants, up to the most recent attacks on hospitals around the world.
The recent attack on the Colonial Pipeline demonstrates the weaknesses of these systems and, as reported by Reuters, the fragility of the US energy system. From a first reconstruction of what happened, it would seem that the distribution company became aware of the ransomware attack that took place last Friday (May 7). Only later, it seems, was the shutdown of the systems requested as a precaution, to assess the impact and the extent of the attack suffered.
American special forces, such as the FBI, have of course been alerted given the centrality of the plant, and Colonial has hired experts for the audit activities. The goal is clearly to get the infrastructure back up and running as quickly as possible. The Colonial Pipeline is able to transport over 2.5 million barrels of diesel per day, so an extended malfunction of only 4 days could even result in a lack of fuel at service stations. The consequences could be wider still, with possible increases in the price of crude oil as a result.
Investigate to remediate possible vulnerabilities
Unfortunately, no system is perfect, and it is possible for security holes to be exploited by the bad guys. In addition, security is more of a process than a product and, being made by humans, it is not error-free. In cases like this it is necessary to understand where the weakness lies in order to prevent possible future attacks.
The investigation phase is essential after an attack, both to track down the attackers and to understand the causes. Forensic analysis can examine infected systems and trace the source of the problem. An extensive internal audit phase is equally important in order to correct corporate policies and improve security processes. Only in this way is it possible to understand why the attack happened and how to prevent it from happening again. Very often, these occasions are also the time to find other aspects of the business systems that need to be remediated and that would otherwise have been pushed into the background.
Unfortunately, what this incident shows most clearly is the lack of security by design in the systems that today control public facilities and infrastructure. As reported by Algirde Pipikaite, head of the World Economic Forum's Center for Cybersecurity, "as long as security measures are not incorporated into the development phase of the technology, we will see more and more attacks on industrial systems such as oil and gas pipelines or water treatment plants".